US-10657280

Mitigation of injection security attacks against non-relational databases

Published: May 19, 2020
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have

Technical Abstract

For mitigation of injection security attacks against non-relational databases, a database driver layer is integrated with a security layer. A trigger associated with the security layer is set to implement a learning phase of the security layer. In response to enabling the trigger, queries and query parameters associated with the respective queries are received. For the queries, a previously-stored security pattern is identified based on the query and the associated query parameters. The trigger associated with the security layer is reset to implement an execution of the security patterns. In response to resetting the trigger, an additional query and additional query parameters associated with the additional query are received. A particular security pattern is identified that is associated with the additional query and the additional query parameters. At least one of the additional query parameters is determined to not match a corresponding query parameter of the particular security pattern.
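
The learn-then-enforce flow described in the abstract, as an added Python sketch that is not taken from the patent or from any product. It assumes a "security pattern" is the structural shape (type and nesting) of each query parameter, that unknown queries are rejected during enforcement, and that learning-phase queries are still executed; the names SecurityLayer, shape, fake_driver and the query id "users.find_by_login" are hypothetical, and the sample inputs are constructed.

```python
class SecurityError(Exception):
    """Raised when a query deviates from its learned security pattern."""

def shape(value):
    # Assumed pattern definition: keep the structure of a parameter, drop its data.
    if isinstance(value, dict):
        return ("dict", tuple((k, shape(v)) for k, v in sorted(value.items())))
    if isinstance(value, list):
        return "list"
    return type(value).__name__

class SecurityLayer:
    def __init__(self, driver):
        self.driver = driver      # callable(query, params), stands in for the driver layer
        self.learning = False     # the "trigger": True = learning phase, False = enforcement
        self.patterns = {}        # query id -> {parameter name -> set of learned shapes}

    def execute(self, query, params):
        observed = {name: shape(v) for name, v in params.items()}
        if self.learning:
            # Create the pattern if none is stored, otherwise update the stored one.
            pattern = self.patterns.setdefault(query, {})
            for name, seen in observed.items():
                pattern.setdefault(name, set()).add(seen)
            return self.driver(query, params)
        pattern = self.patterns.get(query)
        if pattern is None:       # assumption: unknown queries are rejected
            raise SecurityError(f"no security pattern for {query!r}")
        for name, seen in observed.items():
            if seen not in pattern.get(name, ()):
                raise SecurityError(f"parameter {name!r} does not match pattern")
        return self.driver(query, params)   # every parameter matched: pass through

def demo():
    executed = []
    def fake_driver(query, params):          # constructed stand-in, records what runs
        executed.append((query, params))
        return "ok"
    layer = SecurityLayer(fake_driver)
    layer.learning = True                    # set the trigger: learning phase
    layer.execute("users.find_by_login", {"user": "alice", "password": "s3cret"})
    layer.learning = False                   # reset the trigger: enforcement
    allowed = layer.execute("users.find_by_login", {"user": "bob", "password": "pw2"})
    try:                                     # same query, but a parameter is now an object
        layer.execute("users.find_by_login", {"user": "bob", "password": {"$ne": None}})
        blocked = False
    except SecurityError:
        blocked = True
    return allowed, blocked, len(executed)
```

The mismatching query raises before the driver is called, so only the learning-phase query and the matching query reach the database.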

Patent Claims
20 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A computer-implemented method, comprising: integrating a database driver layer with a security layer; setting a trigger associated with the security layer to implement a learning phase of the security layer; in response to enabling the trigger, receiving a plurality of queries and query parameters associated with the respective queries; for each query of at least a subset of the plurality of queries, identifying a previously-stored security pattern from a plurality of security patterns based on the query and the associated one or more query parameters; resetting the trigger associated with the security layer to implement an execution of the security patterns; in response to resetting the trigger, receiving an additional query and one or more additional query parameters associated with the additional query; identifying a particular security pattern from the plurality of security patterns that is associated with the additional query and the additional one or more query parameters; and determining that at least one of the additional query parameters does not match a corresponding query parameter of the particular security pattern.

2. The computer-implemented method of claim 1, wherein integrating further includes integrating the database driver layer with the security layer for mitigation of injection security attacks of a non-relational database associated with the database driver layer.

3. The computer-implemented method of claim 2, further comprising in response to determining that at least one of the additional query parameters does not match the corresponding query parameter of the particular security pattern, triggering a security error for the non-relational database.

4. The computer-implemented method of claim 3, wherein the non-relational database is a NOSQL database.

5. The computer-implemented method of claim 1, further comprising for each query of at least a subset of the plurality of queries, updating the identified security pattern based on the associated one or more query parameters.

6. The computer-implemented method of claim 5, wherein the trigger associated with the security layer is reset after updating the identified security pattern.

7. The computer-implemented method of claim 1, for each query of at least a different subset of the plurality of queries, determining that a security pattern is not associated with the query and the associated one or more query patterns, and in response, generating a new security pattern based on the query and the associated one or more queries.

8. The computer-implemented method of claim 1, further comprising: in response to resetting the trigger, receiving a second additional query and one or more second additional query parameters associated with the second additional query; identifying a specific security pattern from the plurality of security patterns that is associated with the second additional query and the one or more second additional query parameters; and determining that each second additional query parameter matches a corresponding query parameter of the specific security pattern.

9. The computer-implemented method of claim 8, further comprising in response to determining that each second additional query parameter matches the corresponding query parameter of the specific security pattern, providing the second additional query to the database driver layer.

10. The computer-implemented method of claim 9, further comprising executing the second additional query against a non-relational database associated with the database driver layer.

11. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising: integrating a database driver layer with a security layer; setting a trigger associated with the security layer to implement a learning phase of the security layer; in response to enabling the trigger, receiving a plurality of queries and query parameters associated with the respective queries; for each query of at least a subset of the plurality of queries, identifying a previously-stored security pattern from a plurality of security patterns based on the query and the associated one or more query parameters; resetting the trigger associated with the security layer to implement an execution of the security patterns; in response to resetting the trigger, receiving an additional query and one or more additional query parameters associated with the additional query; identifying a particular security pattern from the plurality of security patterns that is associated with the additional query and the additional one or more query parameters; and determining that at least one of the additional query parameters does not match a corresponding query parameter of the particular security pattern.

12. The computer-readable medium of claim 11, wherein integrating further includes integrating the database driver layer with the security layer for mitigation of injection security attacks of a non-relational database associated with the database driver layer.

13. The computer-readable medium of claim 12, the operations further comprising in response to determining that at least one of the additional query parameters does not match the corresponding query parameter of the particular security pattern, triggering a security error for the non-relational database.

14. The computer-readable medium of claim 11, the operations further comprising for each query of at least a subset of the plurality of queries, updating the identified security pattern based on the associated one or more query parameters.

15. The computer-readable medium of claim 14, wherein the trigger associated with the security layer is reset after updating the identified security pattern.

16. The computer-readable medium of claim 11, for each query of at least a different subset of the plurality of queries, determining that a security pattern is not associated with the query and the associated one or more query patterns, and in response, generating a new security pattern based on the query and the associated one or more queries.

17. The computer-readable medium of claim 11, the operations further comprising: in response to resetting the trigger, receiving a second additional query and one or more second additional query parameters associated with the second additional query; identifying a specific security pattern from the plurality of security patterns that is associated with the second additional query and the one or more second additional query parameters; and determining that each second additional query parameter matches a corresponding query parameter of the specific security pattern.

18. The computer-readable medium of claim 17, the operations further comprising in response to determining that each second additional query parameter matches the corresponding query parameter of the specific security pattern, providing the second additional query to the database driver layer.

19. A computer-implemented system, comprising: one or more computers; and one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform one or more operations comprising: integrating a database driver layer with a security layer; setting a trigger associated with the security layer to implement a learning phase of the security layer; in response to enabling the trigger, receiving a plurality of queries and query parameters associated with the respective queries; for each query of at least a subset of the plurality of queries, identifying a previously-stored security pattern from a plurality of security patterns based on the query and the associated one or more query parameters; resetting the trigger associated with the security layer to implement an execution of the security patterns; in response to resetting the trigger, receiving an additional query and one or more additional query parameters associated with the additional query; identifying a particular security pattern from the plurality of security patterns that is associated with the additional query and the additional one or more query parameters; and determining that at least one of the additional query parameters does not match a corresponding query parameter of the particular security pattern.

20. The system of claim 19, wherein integrating further includes integrating the database driver layer with the security layer for mitigation of injection security attacks of a non-relational database associated with the database driver layer.

Patent Metadata

Filing Date: January 29, 2018

Publication Date: May 19, 2020

Cite as: Patentable. “Mitigation of injection security attacks against non-relational databases” (US-10657280). https://patentable.app/patents/US-10657280
